[PATCH] io_uring: fix 0-iov read buffer select - Linux-stable-mirror

19 Dec 2020

Doing vectored buf-select read with 0 iovec passed is meaningless and
utterly broken, forbid it.
Cc: stable@vger.kernel.org # 5.7+
Signed-off-by: Pavel Begunkov asml.silence@gmail.com
---
 fs/io_uring.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/fs/io_uring.c b/fs/io_uring.c
index b74957856e68..f3690dfdd564 100644
--- a/fs/io_uring.c
+++ b/fs/io_uring.c
@@ -3125,9 +3125,7 @@ static ssize_t io_iov_buffer_select(struct io_kiocb *req, struct iovec *iov,
    	iov[0].iov_len = kbuf->len;
    	return 0;
    }
-	if (!req->rw.len)
-		return 0;
-	else if (req->rw.len > 1)
+	if (req->rw.len != 1)
    	return -EINVAL;
#ifdef CONFIG_COMPAT
-- 
2.24.0


    